Hello Thomas, On 10/06/2026 17:41, Thomas Goirand wrote:
Until very recently, I cared for OpenStack security updates in Bullseye.
Thanks :)
Since a few were too hard to backport (namely: Ironic), I gave up. Will someone from the LTS team take-over? FYI, I now maintain this page: https://wiki.debian.org/OpenStack/CVE-2026
Thanks, now referenced in our doc: https://lts-team.pages.debian.net/wiki/TestSuites/OpenStack.html
which actually shows that I'm up-to-date except for Vitrage and Horizon which will go through the stable release team (bug already opened, waiting for the approval before upload).
Currently we don't have much sponsoring for OpenStack (AFAICS, oslo-utils for bullseye, plus keystone & swift for ELTS buster).
So they have low priority until bullseye EOL in September, and then this'll depend on whether there are ELTS sponsors.
Cheers! Sylvain
